Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/68509A08C1CE11EFB9D1F577762E951A.roa
File: 68509A08C1CE11EFB9D1F577762E951A.roa (raw, json)
Hash identifier: QwzT909Xj+Q4BWd3QMmSjGjpqlvNMMTtJX7/ZxmWW2k=
Subject key identifier: 9E:97:72:CE:7E:B5:0B:17:73:CD:29:25:83:D6:AC:97:73:AE:B7:3C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012283
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/68509A08C1CE11EFB9D1F577762E951A.roa
Signing time: Tue 24 Dec 2024 08:09:33 +0000
ROA not before: Tue 24 Dec 2024 08:09:29 +0000
ROA not after: Wed 10 Dec 2025 08:09:29 +0000
asID: 984
IP address blocks: 154.193.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 13 Apr 2025 00:12:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74371 (0x12283)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 08:09:29 2024 GMT
Not After : Dec 10 08:09:29 2025 GMT
Subject: CN=676a6c3d-353c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:f0:5f:d9:70:cb:51:f3:fb:24:65:72:82:04:
c6:a1:8d:f0:60:d7:3a:8a:d6:32:f2:6b:15:ac:00:
2d:c7:5f:9d:aa:5f:65:80:a5:e5:82:f3:da:f2:cd:
54:8f:1c:53:4a:cb:9e:12:49:53:eb:ef:d9:7c:44:
ad:48:40:1d:41:3d:96:43:4b:2b:81:9e:f4:78:15:
fe:b8:61:97:f9:fa:bd:8c:45:5e:4b:3a:3c:21:88:
0e:4c:90:94:f8:57:e8:81:48:70:32:3d:94:f2:5e:
c3:25:08:5d:9f:f4:f6:9c:d0:83:1a:3a:12:2e:72:
49:e5:78:0a:86:b2:ba:d0:47:fe:b5:68:cd:07:93:
ec:8d:31:66:b4:48:9e:0f:53:41:d8:7c:1c:95:96:
64:ef:ce:13:17:98:15:2f:95:fc:70:01:63:af:8b:
83:e2:d5:2f:53:47:2d:8f:5c:3e:e1:7f:12:8c:c0:
e7:8a:a5:08:5f:2a:4e:b0:c9:e2:54:df:cd:4c:d6:
f4:08:21:a1:32:31:1f:f5:f0:68:ed:f4:7e:08:33:
53:cf:50:46:14:82:d6:30:df:b0:1f:36:3a:20:5f:
af:8a:88:57:34:a0:bd:3a:fe:34:52:34:f9:ef:11:
86:d7:1f:f6:5c:40:ff:60:df:7c:d3:db:98:74:a8:
57:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:97:72:CE:7E:B5:0B:17:73:CD:29:25:83:D6:AC:97:73:AE:B7:3C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/68509A08C1CE11EFB9D1F577762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.225.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:e3:ec:09:d2:a6:a6:91:cf:b5:58:34:1d:19:45:93:98:dc:
61:ff:75:4c:98:c9:4e:19:36:5b:42:25:96:a8:56:2a:c7:61:
d5:f9:07:bf:90:41:7a:40:80:c7:b3:62:d4:b5:93:c0:60:aa:
53:a4:ae:60:c6:ae:1c:6c:ee:4e:e8:05:2f:dd:ec:42:46:ad:
15:f5:19:d5:d3:d4:79:bd:dc:57:aa:da:06:02:e7:cd:c9:e5:
b3:91:92:9e:fa:8f:ff:c9:91:74:e3:1a:c5:d8:94:38:2e:87:
83:87:98:f1:a9:ac:10:eb:c0:1d:99:3d:78:10:98:05:a9:2a:
24:a9:5e:ab:93:80:c9:f7:b3:e5:c4:b5:f0:5d:6e:d2:a4:0f:
0b:1f:85:ed:5b:78:48:b5:2d:7c:e5:86:42:de:63:54:2c:d0:
ba:7e:aa:eb:4a:5c:51:f3:85:fa:cc:2f:fe:a7:58:ae:2b:bc:
93:2a:22:aa:be:98:eb:06:e1:0d:8d:27:a9:cb:58:c6:90:dc:
73:fe:b0:b9:81:5a:76:a8:b2:f0:a6:78:c5:be:51:6c:81:c1:
a3:28:cd:64:69:b5:90:da:3f:f0:80:0a:04:a0:b4:d7:61:90:
50:16:0e:ff:e5:93:cf:71:84:66:89:25:fd:6e:c1:58:41:83:
d7:26:57:5d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASKDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDgwOTI5WhcNMjUxMjEwMDgwOTI5WjAYMRYw
FAYDVQQDEw02NzZhNmMzZC0zNTNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1fBf2XDLUfP7JGVyggTGoY3wYNc6itYy8msVrAAtx1+dql9lgKXlgvPa
8s1UjxxTSsueEklT6+/ZfEStSEAdQT2WQ0srgZ70eBX+uGGX+fq9jEVeSzo8IYgO
TJCU+FfogUhwMj2U8l7DJQhdn/T2nNCDGjoSLnJJ5XgKhrK60Ef+tWjNB5PsjTFm
tEieD1NB2HwclZZk784TF5gVL5X8cAFjr4uD4tUvU0ctj1w+4X8SjMDniqUIXypO
sMniVN/NTNb0CCGhMjEf9fBo7fR+CDNTz1BGFILWMN+wHzY6IF+viohXNKC9Ov40
UjT57xGG1x/2XED/YN9809uYdKhXawIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJ6X
cs5+tQsXc80pJYPWrJdzrrc8MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82ODUwOUEwOEMxQ0UxMUVGQjlEMUY1Nzc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsHhMA0GCSqGSIb3DQEB
CwUAA4IBAQBN4+wJ0qamkc+1WDQdGUWTmNxh/3VMmMlOGTZbQiWWqFYqx2HV+Qe/
kEF6QIDHs2LUtZPAYKpTpK5gxq4cbO5O6AUv3exCRq0V9RnV09R5vdxXqtoGAufN
yeWzkZKe+o//yZF04xrF2JQ4LoeDh5jxqawQ68AdmT14EJgFqSokqV6rk4DJ97Pl
xLXwXW7SpA8LH4XtW3hItS185YZC3mNULNC6fqrrSlxR84X6zC/+p1iuK7yTKiKq
vpjrBuENjSepy1jGkNxz/rC5gVp2qLLwpnjFvlFsgcGjKM1kabWQ2j/wgAoEoLTX
YZBQFg7/5ZPPcYRmiSX9bsFYQYPXJldd
-----END CERTIFICATE-----
Generated at Fri Apr 11 07:40:15 2025 by rpki-client